Sammi Chen created HDDS-13999:
---------------------------------
Summary: Complete ignore the ACL sent by client during object
creation
Key: HDDS-13999
URL: https://issues.apache.org/jira/browse/HDDS-13999
Project: Apache Ozone
Issue Type: Improvement
Reporter: Sammi Chen
Assignee: Sammi Chen
Before HDDS-11656, in an environment, when user who created objects in Ozone,
is part of multiple groups in Linux/LDAP server, group ACL will be created for
each group, together with one ACL for user itself, sent by client to OM during
object creation and persisted into DB. This makes a big object metadata, and
millions of such objects makes DB bigger than expected.
With HDDS-11656, default ACL is controlled by server side, instead of client
side, also the default ACL of new object is limited to ower itself and owner's
primary group, so the number of ACLs of new object is highly reduced.
HDDS-11656 changes both client side and server side, so it requires users to
upgrade to use new clients which has HDDS-11656 fix. But sometimes it's hard
for users to update all clients easily in a short time, so this task aims to
solve this problem at OM side if the old ozone client is still used.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
